Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS204291.roa
File:                     AS204291.roa (raw, json)
Hash identifier:          K7emhgwSajeVaeCM5UBbgaiZb8/I1U25j2ith9u40uw=
Subject key identifier:   F5:38:53:1D:26:31:AC:BD:A1:0C:1F:80:55:56:18:3F:10:B0:A6:CE
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       775B30F915939306DE9DD6B1F20A9FCFD90DCB0A
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS204291.roa
Signing time:             Sat 13 Jan 2024 12:44:21 +0000
ROA not before:           Sat 13 Jan 2024 12:39:21 +0000
ROA not after:            Sat 11 Jan 2025 12:44:21 +0000
asID:                     204291
IP address blocks:        2a06:a005:1740::/44 maxlen: 48
                          2a06:a005:1750::/44 maxlen: 48
                          2a06:a005:1760::/44 maxlen: 48
                          2a06:a005:1770::/44 maxlen: 48
                          2a06:a005:1780::/44 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 26 Nov 2024 16:12:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            77:5b:30:f9:15:93:93:06:de:9d:d6:b1:f2:0a:9f:cf:d9:0d:cb:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Jan 13 12:39:21 2024 GMT
            Not After : Jan 11 12:44:21 2025 GMT
        Subject: CN=F538531D2631ACBDA10C1F805556183F10B0A6CE
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:06:d0:ac:2a:12:08:36:46:05:ee:0a:36:26:
                    90:bb:8f:f6:41:2a:21:95:ed:23:b5:72:cf:34:57:
                    46:6e:4c:13:a9:81:11:af:26:20:9b:cf:96:af:2a:
                    fd:48:23:58:d2:43:c1:8e:cd:fe:76:a7:af:40:93:
                    a8:41:72:84:e7:eb:ad:b8:cd:ee:9b:0f:bf:76:bd:
                    cd:e6:2f:b2:52:82:7d:a2:1f:72:21:ab:48:93:6e:
                    13:b7:70:d9:a1:db:d7:12:c6:6b:1f:48:33:42:6e:
                    93:73:9c:68:c4:0b:50:7a:38:57:29:c1:b3:f3:ac:
                    75:21:64:ea:2c:d2:b9:44:91:46:c1:c1:d1:56:d8:
                    7f:b4:b3:cc:0c:d7:86:9d:01:9c:95:46:e7:9e:69:
                    0f:22:c0:12:d8:f5:d3:a2:12:a9:3a:54:f7:d6:8f:
                    31:b8:b7:2b:99:64:7c:bb:65:18:d6:e1:e7:db:d4:
                    8b:09:3c:0c:3a:65:43:e9:18:e5:74:2a:8c:85:c2:
                    fa:75:e8:b4:51:e3:fc:9f:89:b8:87:90:b3:f3:30:
                    35:3c:ed:1a:d2:5b:af:c9:14:bd:8f:14:9d:8e:6a:
                    ab:f3:03:96:43:54:2a:e3:7a:5c:cf:ab:30:f9:06:
                    78:84:bf:59:29:72:63:d0:4c:81:48:13:0a:ff:fb:
                    18:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:38:53:1D:26:31:AC:BD:A1:0C:1F:80:55:56:18:3F:10:B0:A6:CE
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS204291.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:a005:1740::-2a06:a005:178f:ffff:ffff:ffff:ffff:ffff

    Signature Algorithm: sha256WithRSAEncryption
         2c:0a:35:a0:be:9f:7e:37:ca:de:14:87:e2:a3:76:7e:6b:f8:
         36:d0:8a:ed:6c:75:90:a7:11:2b:92:32:c8:77:e7:59:59:4d:
         51:89:45:ab:bb:a7:72:48:78:a1:2d:01:c3:91:9f:6a:39:5d:
         7b:ab:18:a4:2c:9c:1b:77:c7:73:a4:1c:c9:6e:bc:49:4c:65:
         50:54:6c:99:69:e0:f6:d2:ce:da:ee:81:0d:09:22:c9:a4:30:
         18:71:f5:91:62:f3:c0:1c:9d:55:cb:6d:02:90:d2:25:91:77:
         05:75:9b:a0:1a:e0:5c:82:ed:ee:3d:8e:fa:5f:74:ce:a6:7c:
         b1:76:bc:ad:71:58:2b:af:21:62:2a:ea:ea:83:98:be:32:3d:
         e5:60:83:7a:7d:31:1e:b3:9e:44:1c:37:d1:ae:fe:d8:19:9d:
         21:a3:9e:69:76:91:17:ef:b3:27:eb:e6:ba:19:ec:a1:2b:bd:
         51:63:37:46:8e:96:0a:22:38:81:b0:b0:b2:79:fc:9d:dd:43:
         b5:64:f7:cb:07:ca:eb:f9:d7:10:f3:65:96:93:23:c5:4f:4e:
         18:c8:fb:a3:4f:99:6d:94:92:00:4e:29:15:ec:65:a0:a2:2a:
         23:94:f8:c3:33:21:14:c8:e5:55:19:9d:f1:d1:03:4a:4a:05:
         85:dc:a9:88
-----BEGIN CERTIFICATE-----
MIIE8zCCA9ugAwIBAgIUd1sw+RWTkwbendax8gqfz9kNywowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNDAxMTMxMjM5MjFaFw0yNTAxMTExMjQ0MjFaMDMxMTAvBgNV
BAMTKEY1Mzg1MzFEMjYzMUFDQkRBMTBDMUY4MDU1NTYxODNGMTBCMEE2Q0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzBtCsKhIINkYF7go2JpC7j/ZB
KiGV7SO1cs80V0ZuTBOpgRGvJiCbz5avKv1II1jSQ8GOzf52p69Ak6hBcoTn6624
ze6bD792vc3mL7JSgn2iH3Ihq0iTbhO3cNmh29cSxmsfSDNCbpNznGjEC1B6OFcp
wbPzrHUhZOos0rlEkUbBwdFW2H+0s8wM14adAZyVRueeaQ8iwBLY9dOiEqk6VPfW
jzG4tyuZZHy7ZRjW4efb1IsJPAw6ZUPpGOV0KoyFwvp16LRR4/yfibiHkLPzMDU8
7RrSW6/JFL2PFJ2OaqvzA5ZDVCrjelzPqzD5BniEv1kpcmPQTIFIEwr/+xh5AgMB
AAGjggH9MIIB+TAdBgNVHQ4EFgQU9ThTHSYxrL2hDB+AVVYYPxCwps4wHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBwBggrBgEF
BQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
MjA0MjkxLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEH
AQH/BB4wHDAaBAIAAjAUMBIDBwYqBqAFF0ADBwQqBqAFF4AwDQYJKoZIhvcNAQEL
BQADggEBACwKNaC+n343yt4Uh+Kjdn5r+DbQiu1sdZCnESuSMsh351lZTVGJRau7
p3JIeKEtAcORn2o5XXurGKQsnBt3x3OkHMluvElMZVBUbJlp4PbSztrugQ0JIsmk
MBhx9ZFi88AcnVXLbQKQ0iWRdwV1m6Aa4FyC7e49jvpfdM6mfLF2vK1xWCuvIWIq
6uqDmL4yPeVgg3p9MR6znkQcN9Gu/tgZnSGjnml2kRfvsyfr5roZ7KErvVFjN0aO
lgoiOIGwsLJ5/J3dQ7Vk98sHyuv51xDzZZaTI8VPThjI+6NPmW2UkgBOKRXsZaCi
KiOU+MMzIRTI5VUZnfHRA0pKBYXcqYg=
-----END CERTIFICATE-----